On Wednesday 20 June 2007 08:18:26 sriram purushothaman wrote:
> Scott,
>
> I am attaching my WEB.XML available under tomcat-5.5.16/cas/WEB-INF folder.
> I have given entries only loginURL, validateURL and ServerName. I have not
> given an entry for ServiceURL. Is that required?
>
> Please check my web.xml and tell me which URL should I use in my IE?
> I tried using http://localhost:8080/cas/login. I got CAS login page. But
> after giving my credentials i got an exception. My LDAP auth did not happen
>
> Thanks
>
> Scott Battaglia <[EMAIL PROTECTED]> wrote: This might help you:
> http://www.ja-sig.org/wiki/display/CASUM/LDAP
>
> (note that the first step about the dependency relates to CAS 3.1 and not
> CAS 3.0.x but the rest of the information should be okay).
>
> -Scott
>
> On 6/19/07, sriram purushothaman <[EMAIL PROTECTED]> wrote: Please check
> this bean entry in deployer..xml <bean id="contextSource"
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> <property name="authenticatedReadOnly" value="false" /> <property
> name="userName" value="" />
>                  <property name="password" value="" />
>                  <property name="urls">
>                           <list>
>                                  <value>ldap://XX.XXX.X.XXX:389/</value>
>                          </list>
>                  </property>
>
>                  <property name="baseEnvironmentProperties">
>                           <map>
>                                  <entry>
>                                         
> <key><value>java.naming.security.authentication</value></key>
> <value>simple</value>
>                                  </entry>
>                         </map>
>                 </property>
> </bean>
>
> What should i give for UserName and Password?
> Should i give the Distinguished Name and password that i normally use in
> httpd.conf(Apache web-server + weblogic) and what should i give for URLs
> list
>
> Please let me know
>
> Thanks
>
>  Scott Battaglia <[EMAIL PROTECTED]> wrote:  If you're using a 
> non-Sun JVM, then you need to set the "responseControlFactory" property on
> the ContextSource.  The default is an internal Sun implementation.
>
> -Scott
>
>  On 6/19/07,  sriram purushothaman <[EMAIL PROTECTED]> wrote:  Hi
>
> I have done LDAP authentication using Apache Webserver 2.0.59 and Weblogic
> 8.1 and I am successful with it. Now i want to do it with CAS.
>
> I am new to CAS and i am trying out few stuff. I am using Tomcat   5.5.16,
> JDK 1.42
>
> 1. I have download cas-server-3.0.7 and cas-client-java-2.1.1
> 2. I have downloaded cas-server-ldap-3.0.7 JAR , spring-ldap1.1.2 JAR,
> ldapbp1.0 JAR and put these 3 JARs in localplugins/lib folder. 3. Did ant
> jar and ant war. Got the localplugins.jar and the WAR  file 4. I changed my
> deployerConfigContext.xml. I have attached the same here.Please check and
> tell me whether it is correct. 5. Copied the WAR into my tomcat/webapps
> 6. When i start my tomcat, i am getting the attached error.
>
> I have downloaded this folder structure com.sun.jndi.ldap.<>, but not sure
> what to do with it.
>
> Regards,
> Sriram
>
>
> ---------------------------------
> Don't pick lemons.
>  See all the  new 2007 cars  at  Yahoo! Autos.
>
>
> 2007-06-19 14:55:45,250 ERROR 
> [org.springframework.web.context.ContextLoader] - <Context initialization
> failed> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'centralAuthenticationService' defined in
> ServletContext resource [/WEB-INF/applicationContext.xml]: Cannot resolve
> reference to bean 'authenticationManager' while setting bean property
> 'authenticationManager'; nested exception is  
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'authenticationManager' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean ' 
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' of type
> [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
> bean property 'authenticationHandlers' with key [1]; nested exception is  
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
> in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
> resolv!
>  e reference to bean 'contextSource' while setting bean property
> 'contextSource'; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is   java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'authenticationManager' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean ' 
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' of type
> [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
> bean property 'authenticationHandlers'  with key [1]; nested exception is 
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
> in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
> resolve reference to bean 'contextSource' while setting bean property
> 'contextSource'; nested exception is  
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exce!
>  ption is java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752  '
> defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]:
> Cannot resolve reference to bean 'contextSource'  while setting bean
> property 'contextSource'; nested exception is
> org.springframework.beans.factory.BeanCreationException : Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is  java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is   java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory at
> org.springframework.ldap.support.LdapContextSource.class$ 
> (LdapContextSource.java:42) at 
> org.springframework.ldap.support.LdapContextSource.<clinit>(LdapContextSour
>ce.java:42) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance
> (NativeConstructorAccessorImpl.java:39) at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstru
>ctorAccessorImpl.java:27) at
> java.lang.reflect.Constructor.newInstance(Constructor.java :274) at
> org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:84) at
> org.springframework.beans.BeanUtils.instantiateClass (BeanUtils.java:60) at
> org.springframework.beans.factory.support.SimpleInstantiationStrategy.insta
>ntiate (SimpleInstantiationStrategy.java:45) at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.instantiateBean (AbstractAutowireCapableBeanFactory.java:739) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBeanInstance (AbstractAutowireCapableBeanFactory.java:727) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:390) at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> (AbstractBeanFactory.java:254) at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
>ingleton (DefaultSingletonBeanRegistry.java:144) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:251) at 
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:163) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veReference(BeanDefinitionValueResolver.java :271) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:128) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.populateBean (AbstractAutowireCapableBeanFactory.java:843) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:427) at 
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veInnerBean (BeanDefinitionValueResolver.java:221) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:111) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veManagedList (BeanDefinitionValueResolver.java:291) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:132) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.populateBean (AbstractAutowireCapableBeanFactory.java:843) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:427) at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> (AbstractBeanFactory.java:254) at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
>ingleton (DefaultSingletonBeanRegistry.java:144) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:251) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:163)
> _______________________________________________
> Yale CAS mailing list
> [email protected]
>  http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
>
>
> --
> -Scott Battaglia
>
>
> LinkedIn:  http://www.linkedin.com/in/scottbattaglia
> _______________________________________________ Yale CAS mailing list
>  [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
> ---------------------------------
> We won't tell. Get more on shows you hate to love
> (and love to hate): Yahoo! TV's Guilty Pleasures list.
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
>  http://tp.its.yale.edu/mailman/listinfo/cas

you mixed up a few things. The cas-filter is to be used with your client 
application not with cas. This means that your web.xml for cas is wrong.
It should look like this ....


<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee";
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
        xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd";
        version="2.4">
        <display-name>Central Authentication System (CAS) 3.0</display-name>
        <context-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>
                        /WEB-INF/applicationContext.xml,
                        /WEB-INF/deployerConfigContext.xml
                </param-value>
        </context-param>
        
        <!-- DEBUT Ajout pour OPIAM -->
        <filter>
                <filter-name>additional cookie</filter-name> 
                
<filter-class>com.atosorigin.opiam.auth.cas.CreateAdditionalCookie</filter-class>
        </filter>
        
        <filter-mapping>
                <filter-name>additional cookie</filter-name> 
                <url-pattern>/*</url-pattern> 
        </filter-mapping>
        
        <!-- FIN Ajout pour OPIAM -->
        <!-- 
                place this into the contextConfigLocation to enable
                service restrictions.
                /WEB-INF/approvedServices.xml, .....

In  fact I didn't not even change anything in-there.
The first thing you have to do is try out https connection to CAS. For me it 
was :

https://localhost:8443/cas/login but by default the port is 8444, so it would 
be 
https://localhost:8444/cas/login
Then if you've made the changes you need to in deployerConfigContext.xml, you 
should be able to authenticate with a valid user&password.

See my configuration attached.

Hope it helps

-- 
Futschik Adrien
Atos Origin
Tour "Les Miroirs" 
18, avenue d'Alsace 
92296 Paris La Défense Cedex
FRANCE
 
Phone: +33 (0) 1 55 91 24 82

[EMAIL PROTECTED] 
www.si.fr.atosorigin.com
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC  "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd";>
<!--
    | deployerConfigContext.xml centralizes into one file some of the declarative configuration that
    | all CAS deployers will need to modify.
    |
    | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.  
    | The beans declared in this file are instantiated at context initialization time by the Spring 
    | ContextLoaderListener declared in web.xml.  It finds this file because this
    | file is among those declared in the context parameter "contextConfigLocation".
    |
    | By far the most common change you will need to make in this file is to change the last bean
    | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
    | one implementing your approach for authenticating usernames and passwords.
    +-->
<beans>
	<!--
	    | This bean declares our AuthenticationManager.  The CentralAuthenticationService service bean
	    | declared in applicationContext.xml picks up this AuthenticationManager by reference to its id, 
	    | "authenticationManager".  Most deployers will be able to use the default AuthenticationManager
	    | implementation and so do not need to change the class of this bean.  We include the whole
	    | AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
	    | need to change in context.
	    +-->
	<bean id="authenticationManager"
	      class="org.jasig.cas.authentication.AuthenticationManagerImpl">
		<!--
		    | This is the List of CredentialToPrincipalResolvers that identify what Principal is trying to authenticate.
		    | The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which 
		    | supports the presented credentials.
		    |
		    | AuthenticationManagerImpl uses these resolvers for two purposes.  First, it uses them to identify the Principal
		    | attempting to authenticate to CAS /login .  In the default configuration, it is the DefaultCredentialsToPrincipalResolver
		    | that fills this role.  If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to replace
		    | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
		    | using.
		    |
		    | Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket. 
		    | In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose. 
		    | You will need to change this list if you are identifying services by something more or other than their callback URL.
		    +-->
		<property name="credentialsToPrincipalResolvers">
			<list>
				<!--
				    | UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login 
				    | by default and produces SimplePrincipal instances conveying the username from the credentials.
				    | 
				    | If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
				    | need to change this bean declaration (or add additional declarations) to declare a CredentialsToPrincipalResolver that supports the
				    | Credentials you are using.
				    +-->
				<bean
				     class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
				<!--
				    | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials.  It supports the CAS 2.0 approach of
				    | authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
				    | SimpleService identified by that callback URL.
				    |
				    | If you are representing services by something more or other than an HTTPS URL whereat they are able to
				    | receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
				    +-->
				<bean
				     class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
			</list>
		</property>
		
		<!--
		    | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate, 
		    | AuthenticationHandlers actually authenticate credentials.  Here we declare the AuthenticationHandlers that
		    | authenticate the Principals that the CredentialsToPrincipalResolvers identified.  CAS will try these handlers in turn
		    | until it finds one that both supports the Credentials presented and succeeds in authenticating.
		    +-->
		<property name="authenticationHandlers">
			<list>
				<!--
				    | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
				    | a server side SSL certificate.
				    +-->
				<bean
				     class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" >
					<property name="httpClient" ref="httpClient" />
				</bean>
				
				<!--
				    | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS 
				    | into production.  The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
				    | where the username equals the password.  You will need to replace this with an AuthenticationHandler that implements your
				    | local authentication strategy.  You might accomplish this by coding a new such handler and declaring
				    | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
				    +-->
				<bean
				     class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
					<property name="filter" value="uid=%u" />
					<property name="searchBase" value="dc=mycompany,dc=com" />
					<property name="contextSource" ref="contextSource" />
				</bean>
			</list>
		</property>
	</bean>
	
	<bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
		<!--
		    <property name="authenticatedReadOnly" value="true" />
		    -->
		<property name="anonymousReadOnly" value="false"/>
		<property name="password" value="secret" />
		<property name="pooled" value="true" />
		<property name="urls">
			<list>
				<value>ldap://localhost:4800/</value>
			</list>
		</property>
		<property name="userName" value="cn=manager,dc=mycompany,dc=com" />
		<property name="baseEnvironmentProperties">
			<map>
				<entry>
					<key><value>java.naming.security.authentication</value></key>
					<value>simple</value>
				</entry>
			</map>
		</property>
	</bean>				
</beans>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to